www.gusucode.com > 给力搜索小偷开源源码 3.0源码程序 > admin/admin_main.php
<? include('data.php'); if($_COOKIE['x_Cookie']!=$adminname or $_COOKIE['y_Cookie']!=md5($password)){ echo"<script>location.href='index.php';</script>"; exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>基本信息</title> <script> function chk(){ if(form.name.value==''){ alert('不好意思首页标题为空!'); return false; } if(form.site_url.value==''){ alert('不好意思网站URL为空!'); return false; } if(form.site_name.value==''){ alert('不好意思内容页标题为空!'); return false; } if(form.value.value==''){ alert('不好意思按扭标题为空!'); return false; } if(form.home.value==''){ alert('不好意思设为主页标题为空!'); return false; } if(form.icp.value==''){ alert('不好意思备案号为空!'); return false; } if(form.icp.value==''){ alert('不好意思缓存地址为空!'); return false; } if(form.domain.value==''){ alert('不好意思首页LOGO为空!'); return false; } if(form.logoyy.value==''){ alert('不好意思搜索页LOGOL为空!'); return false; } } </script> </head> <body> <? $id=$_GET['id']; if($id=='man'){ include '../config.php'; ?> <form method="POST" action="?id=save" id="form" name="form" onSubmit="return chk();"> <table width="488" border="1" align="center" bordercolor="#666666"> <tr> <td colspan="4" align="center" ><strong>基本信息修改</strong></td> </tr> <tr> <td>首页标题:</td> <td><input name="name" type="text" id="name" value="<? echo $name; ?>" /></td> </tr> <tr> <td>网站URL:</td> <td><input name="site_url" type="text" id="site_url" value="<? echo $site_url; ?>" /></td> </tr> <tr> <td>内容页标题:</td> <td><input name="site_name" type="text" id="site_name" value="<? echo $site_name; ?>" /></td> </tr> <tr> <td>按扭标题:</td> <td><input name="value" type="text" id="value" value="<? echo $value; ?>" /></td> </tr> <tr> <td>设为主页标题:</td> <td><input name="home" type="text" id="home" value="<? echo $home; ?>" /></td> </tr> <tr> <td>备案号:</td> <td><input name="icp" type="text" id="icp" value="<? echo $icp; ?>" /></td> </tr> <tr> <td>缓存地址:</td> <td><input name="domain" type="text" id="domain" value="<? echo $domain; ?>" /> 不要加http://与结尾/</td> </tr> <tr> <td>首页LOGO:</td> <td><input name="logo" type="text" id="logo" value="<? echo $logo; ?>" /></td> </tr> <tr> <td>搜索页LOGO:</td> <td><input name="logoyy" type="text" id="logoyy" value="<? echo $logoyy; ?>" /></td> </tr> <tr> <td> </td> <td><input name="cmdSave" type="submit" id="cmdSave" value="登录"/> <input type="reset" name="reset" value="重置" /></td> </tr> </table> </form> </body> </html> <?php }elseif ($id=='save'){ include '../config.php'; //$strreplace = str_replace("\r\n",";",$_POST['strreplace']); $con='<?php'." \r\n".'$name='.'"'.$_POST['name'].'"'."; \r\n".'$site_url='.'"'.$_POST['site_url'].'"'."; \r\n".'$site_name='.'"'.$_POST['site_name'].'"'."; \r\n".'$value='.'"'.$_POST['value'].'"'."; \r\n".'$home='.'"'.$_POST['home'].'"'."; \r\n".'$icp='.'"'.$_POST['icp'].'"'."; \r\n".'$domain='.'"'.$_POST['domain'].'"'."; \r\n".'$logo='.'"'.$_POST['logo'].'"'."; \r\n".'$logoyy='.'"'.$_POST['logoyy'].'"'."; \r\n?>"; $httpdcon="[ISAPI_Rewrite] \r\n# 3600 = 1 hour \r\nCacheClockRate 3600 \r\nRepeatLimit 32 \r\n# Block external access to the httpd.ini and httpd.parse.errors files \r\nRewriteRule /httpd(?:\.ini|\.parse\.errors).* / [F,I,O] \r\n# Block external access to the Helper ISAPI Extension \r\nRewriteRule .*\.isrwhlp / [F,I,O] \r\nRewriteRule /s\?wd=(.*) /s\.php\?wd=$1 \r\nRewriteRule /s\?bs=(.*)&f=8&wd=(.+) /s\.php\?bs=$1&f=8&wd=$2 \r\nRewriteRule /s\?bs=(.*)&f=3&wd=(.*)&oq=(.*)&rsp=(.*)&sugT=(.*) /s\.php\?bs=$1&f=3&wd=$2&oq=$3&rsp=$4&sugT=$5 \r\nRewriteRule /s\?bs=(.*)&f=8&wd=(.*) /s\.php\?bs=$1&f=8&wd=$2"; if(preg_match("/require|include|REQUEST|eval|system|fputs/i", $con)){ echo "<script>alert('含有非法字符!');location.href='?id=man';</script>"; } else{ $cDir = $_POST['erji']; if ($cDir==""){ $cDira="../"; }else{ $cDira="../../"; } if (! is_dir ( $cDir )) { mkdir ( $cDir, '0777' ); } $fp=fopen("../config.php","w"); fwrite($fp,$con); fclose($fp); $httpdfp=fopen($cDira."httpd.ini","w"); fwrite($httpdfp,$httpdcon); fclose($httpdfp); echo"<script>alert('修改成功!');location.href='?id=man';</script>"; exit; } } ?>